Regarding Senr.io Vulnerability Affecting Many D-Link Products

Friday 15 July 2016 12:17

D-Link engineers have been working intensively to address the vulnerability reported in the network application interface, which occurs when malicious data is injected into the DCP protocol. The DCP protocol is a legacy protocol that handles communication within the mydlink service and devices.

The firmware to remove the vulnerabilities described by Senr.io is currently finishing release testing, and release will begin by the week ending July 15, 2016.

As part of general, ongoing improvement to our Cloud device interfaces, the DCP protocol was already scheduled for removal. That process will be ongoing into next month.

It is also important to note that the claim that this exploit offers the potential for a remote attack is likely to be unrealistic. The attack was most likely achieved via the same internal network that the cameras were on, not remotely over the internet. It is unlikely that the same exploit could be achieved over the public internet, because most of our cameras sit behind a router / modem. The attack is only possible remotely if the camera connects directly to the Internet.

Regarding the report on 120 models: this was incorrect. Only DCS-xxxL, DCS-xxxxL, DNS-xxxL and DNR-xxxL products are affected.

mydlink Cloud enabled routers, APs, and modems are safe from this vulnerability.

As soon as there are further updates, we will make them available on our mydlink service for automatic notification/upgrade via our mobile applications or via our support website for manual download.

To benefit from security updates, it is essential that customers regularly review all of the devices on their network to check that each device is running the latest firmware. We also recommend that customers use strong passwords, and that they change these passwords regularly. Advice on how to check and update firmware on D-Link devices can be found here: https://www.mydlink.com/download.